WO2017164159A1 - 1:n biometric authentication, encryption, signature system - Google Patents


Info

Publication number
WO2017164159A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
information
biometric
user
feature data
Prior art date
Application number
PCT/JP2017/011174
Other languages
French (fr)
Japanese (ja)
Inventor
高橋 健太
Original Assignee
株式会社日立製作所
Application filed by 株式会社日立製作所
Priority to EP17770201.6A (granted as EP3435591B1)
Priority to US15/752,623 (granted as US10680808B2)
Priority to CN201780002824.4A (granted as CN107925581B)
Publication of WO2017164159A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L 9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F 16/90 Details of database functions independent of the retrieved data types
    • G06F 16/95 Retrieval from the web
    • G06F 16/951 Indexing; Web crawling techniques
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F 21/31 User authentication
    • G06F 21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L 9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L 2209/34 Encoding or coding, e.g. Huffman coding or error correction
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L 2209/80 Wireless
    • H04L 2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the present invention relates to a system that performs processing such as authentication, encryption, and signature based on personal biometric information.
  • in the UAF standard established by the FIDO Alliance, when biometric authentication succeeds on the user terminal (smartphone, PC, etc.) side, a defined protocol performs challenge-response authentication with the server based on public key cryptography, using a secret key held in the terminal.
  • the user registers his / her own biometric information in his / her terminal in advance and creates a private key / public key pair for each service to be used (for example, online payment, net banking, etc.); the private key stays in the terminal and the public key is registered with the service server.
  • thereafter, each service can be used merely by presenting biometric information to the user's own terminal.
  • FIDO is based on the premise that the user occupies one or two terminals, and access to each service is performed only from this dedicated terminal.
  • when one or more terminals are shared by multiple or unspecified users, when one user has many terminals, or when a user frequently replaces terminals, the FIDO / UAF method makes the registration operation complicated (a decrease in convenience) and increases the risk of leaking highly confidential and sensitive information such as biometric information and secret keys (a decrease in safety).
  • Biometric cryptography extracts feature quantity X from biometric information at the time of registration, and adds random number information R to X to perform some kind of concealment processing, thereby creating data H called auxiliary information.
  • the auxiliary information H is stored in a user terminal or the like.
  • the feature quantity X ′ is extracted from the newly acquired biometric information, and R ′ is restored by performing restoration processing on the auxiliary information H using X ′.
  • the algorithm is designed so that it is difficult to estimate X and R from H unless an X ′ sufficiently close to X is known.
  • by registering R (or a hash value of R) and collating it at authentication time, it is possible to authenticate while keeping the registration feature X secret.
  • by treating R (or its hash value) as a secret key for data encryption / decryption and digital signature generation, encryption / decryption and digital signatures based on biometric information can be realized without directly holding the secret key.
  • authentication based on FIDO / UAF can only be used with service servers that comply with the standard. Even biometric cryptography can be used only on a service server that implements the authentication function. For this reason, it is not possible with the above-described technology to use a service only by biometric authentication without modifying the server for various existing online services that use existing authentication means such as password authentication and PKI authentication.
  • the present invention allows the user to use various existing online services from one or a plurality of terminals, without limiting the combination of user and terminal and without modifying the service server.
  • the purpose is to realize convenient and secure authentication using only biometric authentication, without requiring ID input or card presentation.
  • a further purpose is to protect highly confidential and sensitive information, such as registered biometric information and its feature data, secret keys, passwords, user IDs, and personal information, without storing it directly in the terminal or the server.
  • an authentication system comprising a user terminal and an authentication server. The user terminal includes a sensor that acquires biometric information of a user, a feature extraction unit that extracts authentication feature data from the acquired biometric information, a feature data encoding unit that encodes the authentication feature data to generate authentication encoded feature data, and a transmission unit that transmits identification request information including the authentication encoded feature data to the outside.
  • the authentication server includes a DB that stores biometric encryption authentication information, a search unit that searches the biometric encryption authentication information in the DB based on the identification request information, a decryption processing unit that decrypts the searched biometric encryption authentication information using the authentication encoded feature data as a decryption key and uniquely identifies the user based on the authentication information obtained by decryption, and an authentication response processor that performs an authentication response process on behalf of the user terminal for the identified user based on the decrypted authentication information.
  • when the user uses various existing online services from one or a plurality of terminals, the user can be authenticated safely and conveniently by biometric authentication alone, without limiting the combination of user and terminal, without modifying the service server, and without requiring ID input or card presentation.
  • This embodiment can be applied where one or a plurality of terminals are shared by a plurality of, or an unspecified number of, users, as in ATMs, POS terminals, offices, universities, or the like. It can also be applied where a single user has a large number of terminals, or where one user frequently replaces a terminal. In these cases, user authentication and identity verification for services such as online payment, credit payment at a store, net banking, various web services, login to information systems, and opening / closing of ticket gates can be performed with biometric information alone, without presenting an ID, password, card, or the like.
  • biometric information is assumed to include fingerprints, faces, irises, etc., as well as the veins of fingers and palms.
  • FIG. 1 shows the system configuration of the biometric authentication system in this embodiment.
  • This system includes a registration terminal 100 that converts the user's biometric information and the authentication information of various services into a secure form and registers it, a user terminal 200 for the user to use various services, a 1:N authentication server 300 that identifies the user based only on biometric information and performs decryption of the authentication information and the authentication response process for the service on the user's behalf, a service providing server 400 that provides the service to the user via the user terminal, and a network 500 that connects them.
  • the user terminal 200 is assumed to be a shared or personal PC, a smartphone or a tablet, a bank ATM, a POS terminal, various business terminals, or the like in an office, university, home, or the like.
  • Registration terminal 100 may be the same terminal as user terminal 200 or may be a different terminal.
  • the operator of the registration terminal may be the user himself / herself, or may be an operator or system administrator different from the user.
  • the service providing server 400 may be a banking server, a payment server, various web service servers, an authentication server for an information system in a company / university, and there are generally a plurality of such servers.
  • the user authentication function of the service providing server 400 is, for example, password basic authentication, password digest authentication, PKI authentication, FIDO authentication, etc.
  • the service providing server 400 does not need to be modified for biometric authentication and can be used as it is.
  • the registration terminal 100 includes a service designation function 101 for designating or selecting a service that the user wants to use by biometric authentication alone, a user ID input function 102 for inputting the user ID for that service, an authentication secret information input (creation) function 103 that inputs or creates the authentication secret information (password, private key, etc.) for that user ID, a certificate creation function 104 that creates a public key certificate corresponding to the private key when the user authentication function is PKI authentication or the like, a sensor 105 that acquires biometric information for registration, a feature extraction function 106 that extracts registration feature data from that biometric information, a feature conversion function 107, a verification information creation function 108 that creates verification information for the authentication information, a biometric encryption function 109, and a registration function 110.
  • the user terminal 200 includes a service use function 201 for using various services, a sensor 202 that acquires biometric information for authentication, a feature extraction function 203 that extracts authentication feature data from that biometric information, a feature conversion function 204 that converts the authentication feature data to conceal it and creates conversion feature data, and an authentication response function 205 that, on receiving a user identification / authentication request from the service providing server 400, performs the authentication response using the 1:N authentication server 300.
  • the sensor 202 can be selected as appropriate for the biometric information to be acquired. For example, when finger veins are used as the biometric information, an imaging unit that captures light emitted from a light source (not shown) and transmitted through the finger is assumed.
  • the 1:N authentication server 300 includes a biometric encryption authentication information DB 301 that stores biometric encryption authentication information in association with a service identifier (SID), authentication method type information, and the like; a 1:N biometric decryption function 302 that identifies the user from the DB 301 based on the service identifier (SID) and the authentication conversion feature data received from the user terminal 200 and restores the authentication information corresponding to the service; and a proxy authentication response function 303 that performs the user authentication response process for the service providing server 400 on the user's behalf, via the user terminal 200, based on the decrypted authentication information.
  • the service providing server 400 includes a user information DB 401 that manages user information such as the user ID and a password (or a hash value of the password) or a public key, a user authentication function 402 that performs user authentication based on authentication information, and a service providing function 403 that provides the service to the user terminal 200 when authentication succeeds.
  • the service here is assumed to be online payment, credit payment at the store, net banking, various web services, login to information systems, opening / closing of ticket gates, etc.
  • FIG. 2 shows the information managed by the biometric encryption authentication information DB 301.
  • Each record registered in the DB includes a management ID (MID) assigned by the registration terminal 100 or the 1:N authentication server 300 to manage the record, the service identifier (SID) specified by the service designation function 101, the type of authentication method used in the service (password basic authentication, password digest authentication, PKI authentication, FIDO authentication, etc.), and the biometric encryption authentication information.
  • One record may include a plurality of biometric encryption authentication information. A plurality of records may be registered for one user.
  • FIG. 7 shows the hardware configuration of the registration terminal 100, user terminal 200, 1: N authentication server 300, and service providing server 400 in the present embodiment. These can be constituted by a CPU 700, a memory 701, a storage 702, an input device 703, an output device 704, and a communication device 705 as shown in the figure.
  • FIG. 3 is a diagram showing a registration processing flow in this embodiment.
  • S300 is a process in which the registration terminal 100 specifies the identifier (SID) of the service to be used and its authentication method type by the operation of the user or operator.
  • S301 is a process in which the registration terminal 100 receives an input of a user ID (UID).
  • S302 is a process in which the registration terminal 100 receives input of, or creates, the authentication secret information corresponding to the authentication method type of the service. In the case of password authentication, a password is input; in the case of FIDO authentication, a private key / public key pair is generated.
  • S303 is a process in which the registration terminal 100 creates a certificate of authentication information according to the authentication method. For example, in the case of PKI authentication, a public key certificate including a public key is created.
  • S304 is a process in which the registration terminal 100 acquires biometric information for registration of the user via the sensor 105.
  • S305 is a process in which the registration terminal 100 extracts registration feature data from the biometric information for registration.
  • S306 is processing in which the registration terminal 100 converts the registration feature data to create registration conversion feature data.
  • a specific conversion example will be described later in the latter part of the description of FIG.
  • This step makes it possible to conceal the authentication feature data described later from the 1:N authentication server 300.
  • If the registration feature data does not need to be concealed from the server, this step can be omitted.
  • S307 is a process in which the registration terminal 100 gives verification information to the authentication information. A specific method will be described later with reference to FIG.
  • S308 is a process in which the registration terminal 100 creates biometric encryption authentication information by encrypting the authentication information with biometric encryption technology, using the registration feature data as a kind of encryption key, and sends it to the 1:N authentication server 300 together with the service identifier (SID) and the authentication method type.
  • S309 is a process in which the 1:N authentication server 300 receives the service identifier (SID), the authentication method type, and the biometric encryption authentication information, and registers a record in the biometric encryption authentication information DB 301.
  • FIG. 4 is a flowchart showing a specific example of authentication information and biometric encryption processing. Note that S307 and S308 in the figure are the same steps as those shown in FIG.
  • in the case of password authentication (authentication information example 1), the authentication information includes a user ID (UID) and a password. In the case of PKI authentication (authentication information example 2), it includes a user ID (UID), a private key, and a public key certificate. In the case of FIDO authentication (authentication information example 3), it includes a user ID (UID) and a secret key.
  • in S307, a checksum, hash value, or MAC (message authentication code) is calculated over the authentication information and appended to it as verification information.
  • in S308, the authentication information (with its verification information) is encrypted using the registration feature data as the encryption key to create the biometric encryption authentication information.
  • FIG. 5 is a diagram showing an authentication processing flow in this embodiment.
  • S500 is a process in which the user terminal 200 receives the user's service use operation, specifies the service identifier (SID), and makes a service use request to the service providing server 400 corresponding to that SID.
  • S501 is a process in which the service providing server 400 makes a user ID identification / authentication request to the user terminal 200 in response to the service use request of S500.
  • S502 is a process in which the user terminal 200 acquires biometric information for authentication via the sensor 202.
  • S503 is a process in which the user terminal 200 extracts authentication feature data from the authentication biometric information.
  • S504 is a process in which the user terminal 200 converts the authentication feature data, creates authentication conversion feature data, and transmits it to the 1: N authentication server 300 together with the service identifier (SID).
  • S505 is the decryption process performed when the 1:N authentication server 300 receives the service identifier (SID) and the authentication conversion feature data. Specifically, the records matching the received SID are searched from the biometric encryption authentication information DB 301, and if N such records exist (N ≥ 1), 1:N biometric decryption is performed. Details of this processing are described later with reference to FIG. 6. If this processing fails, the user terminal 200 is notified of the authentication failure; the user terminal 200 may then end the authentication process or return to step S502 and try authentication again.
  • S506 is a process in which the 1:N authentication server 300 uses the decrypted authentication information (user ID and authentication secret information) to send a proxy authentication response to the service providing server 400 via the user terminal 200.
  • S507 is a process in which the user terminal 200 transfers the user identification / authentication request (S501) received from the service providing server 400 to the 1:N authentication server 300, receives the proxy authentication response (S506) from the 1:N authentication server 300, and transfers it to the service providing server 400 as the authentication response.
  • alternatively, the 1:N authentication server 300 may communicate directly with the service providing server 400, without going through the user terminal 200, to perform the authentication response processing of S507.
  • S508 is a process in which the service providing server 400 receives the authentication response S507 from the user terminal 200 or the 1: N authentication server 300 and performs a user authentication process.
  • S509 is a process in which the service providing server 400 provides a service to the user terminal 200 when the user authentication process is successful in S508. If user authentication fails in S508, the process is terminated without providing the service.
  • S510 is a process in which the user terminal 200 receives service provision from the service provision server 400 in S509 and uses the service when the user authentication process is successful in S508.
  • specific examples of the feature conversion steps (S306) and (S504), the biometric encryption step (S308), and the 1:N biometric decryption step (S505) are described below in text.
  • the feature data is expressed as an n-bit string, and the person is judged to be the registered person when the Hamming distance between the registration feature data x and the authentication feature data x ′ is t bits or less (t < n).
  • the registration terminal 100 and the user terminal 200 share and store n-bit secret random number information r in advance; the feature conversion steps (S306) and (S504) use r to create the conversion feature data y from x and y ′ from x ′.
  • in the biometric encryption step (S308), an error correcting code with code length n and minimum distance 2t + 1 is first constructed, and one codeword w is randomly selected from it. The auxiliary information c is created by exclusive-ORing w with the registration conversion feature data y (this is the form implied by the decryption step S602, which recovers w ′ by exclusive-ORing c with y ′).
  • the key k = h(w) is then calculated using an appropriate hash function h(·). Regarding k as an encryption key, the authentication information is encrypted with an appropriate encryption algorithm (for example, AES) to create encrypted authentication information. The pair of auxiliary information c and encrypted authentication information is output as the biometric encryption authentication information.
  • FIG. 6 is a flowchart showing details of the 1: N biometric decoding step S505.
  • S601 is a process in which the 1:N authentication server 300 searches the biometric encryption authentication information DB for the records (assume there are N of them) whose service identifier matches the service identifier (SID) received from the user terminal 200.
  • S602 is a process of decrypting the biometric encryption for each matched record, using the authentication conversion feature data as the decryption key. Specifically, the auxiliary information c included in the biometric encryption authentication information is exclusive-ORed with the authentication conversion feature data y ′ to obtain w ′.
  • when the registered person is the one presenting, w ′ equals w with an error of t bits or less.
  • S603 is a process in which error correction decoding is performed on w ′ to obtain w ′′. Since the minimum distance of the error correcting code is 2t + 1, an error of t bits or less is corrected, so if the Hamming distance between x and x ′ is t or less (that is, if biometric information that should be judged as the person is input), w is correctly restored. That is, when the distance between the authentication encoded feature data and the registration encoded feature data is at most a predetermined value, or equivalently when their similarity is at least a predetermined value, the correct authentication information is decrypted.
  • the key k ′ = h(w ′′) is then calculated and regarded as the decryption key, and the encrypted authentication information included in the biometric encryption authentication information is decrypted with the above encryption algorithm; whether the decryption "succeeded" is judged using the verification information attached to the authentication information.
  • S604 is a process for identifying the user when "success" is obtained in step S603.
  • the Hamming distance d (≤ t) between w ′ and w ′′ equals the Hamming distance between x and x ′. If a plurality of records are "successful" in S603, the record with the smaller d is considered more likely to be the person. Therefore, the user is uniquely identified by, for example, selecting the record with the smallest d, or taking the first record found whose d is below a certain threshold t ′.
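The registration step S308 and the 1:N decryption steps S601 to S604 just described, as an added worked example in Python that is not code from the patent or from its assignee. It builds a block-repetition code with minimum distance 2t + 1 for a 63-bit feature, realizes the feature conversion as an XOR with the shared random r (an assumption; the page only says r is shared), derives k = h(w) with SHA-256, substitutes a SHA-256 keystream for the AES the page names as one option, uses a SHA-256 hash of the authentication information as the verification information of S307, and picks the record with the smallest corrected distance d among the successful ones. The feature values, user IDs and the service identifier are constructed, and the 9-bit message size is a toy parameter chosen so the code fits here.

```python
import hashlib
import hmac
import secrets

# Constructed parameters: n = M * BLOCK feature bits, at most T bit errors tolerated.
T = 3                      # threshold t: accept when Hamming distance <= t
BLOCK = 2 * T + 1          # repetition block length, so the code's minimum distance is 2t + 1
M = 9                      # message bits per codeword (toy size: only 2^9 codewords / keys)
N = M * BLOCK              # feature / code length n = 63 bits
N_BYTES = N // 8 + 1
MASK = (1 << N) - 1

# Shared secret r for the conversion (S306 / S504) and two users' registration features, all constructed.
R = 0x5A5A5A5A5A5A5A5A & MASK
X_ALICE = 0x0F0F0F0F0F0F0F0F & MASK
X_BOB = 0x33CC33CC33CC33CC & MASK


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def random_codeword() -> int:
    """Pick a random codeword w: each of M message bits repeated BLOCK times."""
    msg = secrets.randbits(M)
    w = 0
    for i in range(M):
        if (msg >> i) & 1:
            w |= ((1 << BLOCK) - 1) << (i * BLOCK)
    return w


def decode(wp: int) -> int:
    """Majority-decode each block; any error pattern of at most T bits in total is corrected."""
    w = 0
    for i in range(M):
        block = (wp >> (i * BLOCK)) & ((1 << BLOCK) - 1)
        if bin(block).count("1") > T:
            w |= ((1 << BLOCK) - 1) << (i * BLOCK)
    return w


def convert(x: int, r: int) -> int:
    """Feature conversion as XOR with the shared r (assumed form; it preserves Hamming distances)."""
    return x ^ r


def key_from(w: int) -> bytes:
    """k = h(w) with h = SHA-256."""
    return hashlib.sha256(w.to_bytes(N_BYTES, "big")).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for AES: SHA-256 counter-mode keystream XORed over data (same call decrypts)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out += bytes(p ^ q for p, q in zip(data[off:off + 32], ks))
    return bytes(out)


def biometric_encrypt(auth_info: bytes, y: int) -> dict:
    """S307 + S308: append a SHA-256 verification value, set c = w XOR y, encrypt under h(w)."""
    with_check = auth_info + hashlib.sha256(auth_info).digest()
    w = random_codeword()
    return {"c": w ^ y, "enc": stream_xor(key_from(w), with_check)}


def biometric_decrypt(rec: dict, yp: int):
    """S602 + S603: w' = c XOR y', decode to w'', decrypt under h(w''), check the verification value.
    Returns (auth_info, d) on success or (None, d) on failure; d is the number of corrected bits."""
    wp = rec["c"] ^ yp
    w2 = decode(wp)
    d = hamming(wp, w2)
    plain = stream_xor(key_from(w2), rec["enc"])
    body, check = plain[:-32], plain[-32:]
    if hmac.compare_digest(hashlib.sha256(body).digest(), check):
        return body, d
    return None, d


def one_to_n_decrypt(db: list, sid: str, yp: int):
    """S601 + S604: try every record registered for the SID; among successes keep the smallest d."""
    best = None
    for rec in db:
        if rec["sid"] != sid:
            continue
        info, d = biometric_decrypt(rec, yp)
        if info is not None and d <= T and (best is None or d < best[1]):
            best = (info, d)
    return best


def build_db() -> list:
    """Registration (S306 to S309) of two constructed users for one constructed service."""
    db = []
    for uid, x in (("alice", X_ALICE), ("bob", X_BOB)):
        rec = biometric_encrypt(f"{uid}:pw-{uid}".encode(), convert(x, R))
        rec["sid"] = "netbank"
        db.append(rec)
    return db


def demo():
    """Alice with 2 noisy bits (accepted), Alice with 4 noisy bits (rejected), Bob exact (accepted)."""
    db = build_db()
    near = one_to_n_decrypt(db, "netbank", convert(X_ALICE ^ 0b101, R))
    far = one_to_n_decrypt(db, "netbank", convert(X_ALICE ^ 0b1111, R))
    bob = one_to_n_decrypt(db, "netbank", convert(X_BOB, R))
    return near, far, bob
```

The four-bit probe is rejected not by a distance check but because the decoder lands on a different codeword, so h(w′′) differs from h(w) and the verification value no longer matches; the server never learns x or x′, only that decryption failed.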
  • the user terminal 200 does not need to store any information created from the user's biometric information or any information constituting the user authentication information.
  • the 1: N authentication server 300 and the service providing server 400 do not need to store any information for identifying the user terminal 200. Therefore, when using various services, the user can use any user terminal without registering or limiting user terminals to be used in advance. It is also possible to share one terminal with an unspecified number of users.
  • the behavior of the user terminal 200 is indistinguishable from processing in normal password authentication, PKI authentication, and FIDO authentication. Therefore, the user can use an authentication method based only on biometric information without modifying the user authentication function in the service providing server 400 or the user authentication information (password, public key, etc.) already registered in the user information DB 401.
  • the process of identifying the user ID is executed in the 1:N authentication server 300 based only on biometric information, and the process of presenting the user ID to the service providing server 400 is also executed on the user's behalf.
  • the registration and authentication process flows are executed based on the biometric encryption authentication information (including the user ID and authentication secret information), its verification information, and the 1:N biometric decryption process. The registration biometric information, the registration feature data, and the authentication information never need to be stored directly, and so are highly protected. This minimizes the risk of leakage of biometric information and authentication information, enabling safe and secure authentication.
  • Reference signs: 100: Registration terminal; 101: Service designation function; 102: User ID input function; 103: Authentication secret information input (creation) function; 104: Certificate creation function; 105: Sensor; 106: Feature extraction function; 107: Feature conversion function; 108: Verification information creation function; 109: Biometric encryption function; 110: Registration function; 200: User terminal; 201: Service use function; 202: Sensor; 203: Feature extraction function; 204: Feature conversion function; 205: Authentication response function; 300: 1:N authentication server; 301: Biometric encryption authentication information DB; 302: 1:N biometric decryption function; 303: Proxy authentication response function; 400: Service providing server; 401: User information DB; 402: User authentication function; 403: Service providing function; 500: Network; 700: CPU; 701: Memory; 702: Storage; 703: Input device; 704: Output device; 705: Communication device

Abstract

A biometric authentication system is provided with a server that is equipped with: an extraction unit that extracts feature data for authentication from biometric information that has been obtained; an encoding unit that encodes the feature data for authentication to create encoded feature data for authentication; a terminal provided with a transmission unit that transmits the feature data for authentication; a database (DB) that stores encrypted authentication information; a search unit that searches the encrypted authentication information contained in the DB; a decoding unit that decodes the searched encrypted authentication information using the encoded feature data for authentication as a decoding key; and a processing unit that performs an authentication response process with respect to an authenticated user, in place of a user terminal, on the basis of the authentication information obtained through decoding. Thus, when a user uses various existing services from one or more terminals, the present invention executes convenient and safe authentication that does not require an ID to be input or a card to be presented, without limiting the combination of users and terminals, and without modifying a service server.

Description

1:N Biometric Authentication, Encryption and Signature System
The present invention relates to a system that performs processing such as authentication, encryption and digital signing on the basis of an individual's biometric information.
As IT spreads throughout society, reliable identification and authentication of users is becoming increasingly important in a wide range of settings: bank ATMs, online banking, card payments, web services, entry/exit and attendance management, the use of hotels and membership facilities, and so on. Identification and authentication based on passwords and ID cards have traditionally been the mainstream, but impersonation through password-list attacks, card forgery and the like occurs frequently, and expectations are rising for biometric authentication, which identifies and authenticates individuals from biometric information such as fingerprints, veins, faces and irises, as a more reliable and convenient means of authentication.
Moreover, as the number of systems and services in use grows, so does the number of IDs, passwords and cards that a single user must manage. This not only reduces convenience but also lowers security, through password reuse and an increased risk of card theft and forgery.
Against this background, attempts have been proposed to make a variety of services usable with biometric authentication alone. For example, the UAF specification drawn up by the FIDO Alliance defines a protocol in which, when biometric authentication succeeds on the user terminal (smartphone, PC, etc.), the terminal uses a private key it holds to perform public-key challenge-response authentication with the server. The user registers their own biometric information in their own terminal in advance, creates a private/public key pair for each service to be used (online payment, internet banking, etc.), stores the private key in the terminal and registers the public key with each service server; thereafter, each service can be used simply by presenting biometric information to the user's own terminal. In this scheme, however, the user must register their biometric information and a private key for each service in the terminal beforehand. FIDO therefore presupposes a usage model in which the user exclusively owns one or two terminals and accesses every service only from those dedicated terminals. Where one or more terminals are shared by many or unspecified users (ATMs, POS terminals, offices, universities, etc.), where a single user owns many terminals, or where a user frequently replaces their terminal, the FIDO/UAF approach makes registration cumbersome (reduced convenience) and raises the risk of leaking highly confidential and sensitive information such as biometric data and private keys (reduced security).
Meanwhile, a technique known as biometric cryptography (biometric encryption) has attracted attention as a way of protecting the biometric information that is registered and stored, greatly reducing the risk of leakage. At registration, biometric cryptography extracts feature data X from the biometric information, adds random information R to X and applies a kind of concealment processing to produce data H called auxiliary (helper) information. The auxiliary information H is stored on the user terminal or elsewhere. At authentication, feature data X′ is extracted from newly acquired biometric information, and a recovery process is applied to the auxiliary information H using X′ to recover R′. The correct random information is recovered (R = R′) when, and only when, X′ is sufficiently close to X. The algorithm is designed so that, without knowing an X′ sufficiently close to X, it is sufficiently hard to infer X or R from H. By registering and matching the value of R or its hash value, authentication is possible while the registration feature data X remains concealed; furthermore, by treating the value of R or its hash value as a private key and using it to encrypt and decrypt data or to generate digital signatures, biometric-based encryption, decryption and digital signatures can be realised without holding the private key directly.
Combining biometric cryptography with the FIDO/UAF specification removes the need to store biometric information and private keys on the terminal; the auxiliary information H is stored instead. This reduces the risk of leaking biometric information and private keys. However, when applied to the case of one or more terminals shared by many or unspecified users, it still does not solve the problem that registration is cumbersome (reduced convenience). In addition, recovering the random information R in biometric cryptography may require complex computation such as error correction and cryptographic processing, so running the recovery process against the auxiliary information of a large number of users inside a terminal with limited computing power is computationally difficult.
Furthermore, FIDO/UAF-based authentication can only be used with service servers that comply with that specification, and biometric cryptography likewise can only be used with service servers that implement its authentication function. Consequently, the techniques described above cannot provide biometric-only access, without server modification, to the many existing online services that rely on existing authentication means such as password authentication or PKI authentication.
The object of the present invention is to achieve convenient and secure authentication by biometrics alone when a user accesses various existing online services from one or more terminals, without restricting the combination of user and terminal, without modifying the service server, and without requiring an ID to be entered or a card to be presented. A further object is to achieve this without storing highly confidential or sensitive information, such as registered biometric information and its feature data, private keys, passwords, user IDs and personal information, directly on the terminal or the server.
To solve the above problem, an authentication system according to the present invention comprises: a user terminal having a sensor that acquires the user's biometric information, a feature extraction unit that extracts authentication feature data from the acquired biometric information, a feature data encoding unit that encodes the authentication feature data to produce encoded authentication feature data, and a transmission unit that transmits to the outside an identification request containing the encoded authentication feature data; and an authentication server having a DB that stores biometric-encrypted authentication information, a search unit that searches the biometric-encrypted authentication information in the DB on the basis of the identification request, a decryption processing unit that decrypts the retrieved biometric-encrypted authentication information using the encoded authentication feature data as the decryption key and uniquely identifies the user from the authentication information so obtained, and an authentication response processing unit that, on behalf of the user terminal, performs authentication response processing for the identified user on the basis of the decrypted authentication information.
According to the present invention, a user can authenticate securely and conveniently by biometrics alone when using various existing online services from one or more terminals, without restricting the combination of user and terminal, without modifying the service server, and without entering an ID or presenting a card.
FIG. 1 is a block diagram showing the functional configuration of an embodiment of the present invention.
FIG. 2 shows the biometric-encrypted authentication information DB in the embodiment.
FIG. 3 is a flow chart of the registration process in the embodiment.
FIG. 4 is a flow chart showing example authentication information and the biometric encryption process in the embodiment.
FIG. 5 is a flow chart of the authentication process in the embodiment.
FIG. 6 is a flow chart of the 1:N biometric decryption process in the embodiment.
FIG. 7 is a block diagram showing the hardware configuration of the registration terminal, user terminal, 1:N authentication server and service providing server in the embodiment.
A first embodiment of the present invention is described below with reference to the drawings.
This embodiment is applicable where one or more terminals are shared by many or unspecified users, as at ATMs, POS terminals, offices and universities. It is also applicable where a single user owns many terminals, and where a user frequently replaces their terminal. In these cases, the embodiment allows user authentication and identity verification using biometric information alone, with no ID, password or card presentation, for services such as online payment, in-store credit card payment, internet banking, various web services, login to information systems and the operation of ticket gates.
The biometric information envisaged includes the veins running through fingers and palms, as well as fingerprints, faces and irises.
FIG. 1 shows the system configuration of the biometric authentication system of this embodiment. The system consists of a registration terminal 100 that converts the user's biometric information and the authentication information for each service into a secure form and registers it; a user terminal 200 through which the user accesses the services; a 1:N authentication server 300 that identifies the user from biometric information alone and, on the user's behalf, decrypts that user's authentication information for the service and performs the authentication response; a service providing server 400 that provides the service to the user via the user terminal; and a network 500 connecting them. The user terminal 200 may be a shared or personal PC, smartphone or tablet in an office, university or home, a bank ATM or POS terminal, or any of various business terminals, and it is assumed that many user terminals of the same configuration exist. The registration terminal 100 may be the same terminal as the user terminal 200 or a different one, and its operator may be the user or a separate operator or system administrator. The service providing server 400 may be a banking server, a payment server, a web service server, the authentication server of a corporate or university information system, and so on; in general there are many of them. In this embodiment the user authentication function of the service providing server 400 (for example password Basic authentication, password Digest authentication, PKI authentication or FIDO authentication) can be used as is, without modification for biometric authentication.
The registration terminal 100 comprises: a service specification function 101 with which the user specifies or selects a service to be used by biometric authentication alone; a user ID input function 102 for entering the user ID for that service; an authentication secret information input (creation) function 103 for entering or generating the authentication secret (password, private key, etc.) associated with that user ID; a certificate creation function 104 that creates a public key certificate for the private key when the service's user authentication is PKI authentication or similar; a sensor 105 that acquires registration biometric information; a feature extraction function 106 that extracts registration feature data from the registration biometric information; a feature conversion function 107 that transforms the registration feature data to conceal it, producing converted feature data; a verification information creation function 108 that creates verification information for the service's authentication information (detailed later with reference to FIG. 4); a biometric encryption function 109 that encrypts the pair of authentication information and verification information on the basis of biometric cryptography, using the registration converted feature data as a kind of encryption key, to create biometric-encrypted authentication information; and a registration function 110 that registers the biometric-encrypted authentication information with the 1:N authentication server 300, associated with the service identifier (SID), the service's authentication method type and so on.
The user terminal 200 comprises: a service use function 201 for using the various services; a sensor 202 that acquires authentication biometric information; a feature extraction function 203 that extracts authentication feature data from it; a feature conversion function 204 that transforms the authentication feature data to conceal it, producing converted feature data; and an authentication response function 205 that responds to user identification/authentication requests from a service's service providing server 400 by using the 1:N authentication server 300.
The sensor 202 can be chosen to suit the biometric information to be acquired. For finger veins, for example, an imaging unit that captures light emitted by a light source (not shown) and transmitted through the finger is envisaged.
The 1:N authentication server 300 comprises: a biometric-encrypted authentication information DB 301 that stores biometric-encrypted authentication information associated with the service identifier (SID), the service's authentication method type and so on; a 1:N biometric decryption function 302 that, from the service identifier (SID) and the authentication converted feature data received from the user terminal 200, identifies the user in the biometric-encrypted authentication information DB 301 and recovers the authentication information for that service; and a proxy authentication response function 303 that, on the basis of the decrypted authentication information, performs the user authentication response to the service providing server 400 on the user's behalf via the user terminal 200.
The service providing server 400 comprises: a user information DB 401 that manages user information such as user IDs, passwords or password hashes and public keys; a user authentication function 402 that authenticates users on the basis of authentication information; and a service providing function 403 that provides the service to the user terminal 200 when authentication succeeds.
As noted above, the services envisaged here include online payment, in-store credit card payment, internet banking, various web services, login to information systems and the operation of ticket gates.
FIG. 2 shows the information managed by the biometric-encrypted authentication information DB 301. Each record registered in the DB contains a management ID (MID) assigned by the registration terminal 100 or the 1:N authentication server 300 to manage the record, the service identifier (SID) specified by the service specification function 101, the type of authentication method used by the service (password Basic authentication, password Digest authentication, PKI authentication, FIDO authentication, etc.) and the biometric-encrypted authentication information. A single record may contain several items of biometric-encrypted authentication information, and several records may be registered for one user.
FIG. 7 shows the hardware configuration of the registration terminal 100, user terminal 200, 1:N authentication server 300 and service providing server 400 of this embodiment. As shown, each can be built from a CPU 700, memory 701, storage 702, an input device 703, an output device 704 and a communication device 705.
FIG. 3 shows the registration process flow of this embodiment.
In S300, the registration terminal 100 identifies, through user or operator input, the identifier (SID) of the service to be used and its authentication method type.
In S301, the registration terminal 100 accepts input of the user ID (UID).
In S302, the registration terminal 100 accepts input of, or generates, the authentication secret corresponding to the service's authentication method type. For password authentication, for example, it accepts a password; for PKI or FIDO authentication, it generates a private/public key pair.
In S303, the registration terminal 100 creates a certificate for the authentication information as required by the authentication method; for PKI authentication, for example, it creates a public key certificate containing the public key.
In S304, the registration terminal 100 acquires the user's registration biometric information via the sensor 105.
In S305, the registration terminal 100 extracts registration feature data from the registration biometric information.
In S306, the registration terminal 100 transforms the registration feature data to create registration converted feature data. A concrete example of the transformation is given after the description of FIG. 5. This step makes it possible to conceal even the authentication feature data, described later, from the 1:N authentication server 300; the registration feature data itself can be concealed even if this step is not executed.
In S307, the registration terminal 100 attaches verification information to the authentication information. The concrete method is described later with reference to FIG. 4.
In S308, the registration terminal 100 encrypts the authentication information on the basis of biometric cryptography, using the registration feature data as a kind of encryption key, to create biometric-encrypted authentication information, and transmits it to the 1:N authentication server 300 together with the service identifier (SID) and the authentication method type. Details are given after the description of FIG. 5.
In S309, the 1:N authentication server 300 receives the service identifier (SID), the authentication method type and the biometric-encrypted authentication information and registers a record in the biometric-encrypted authentication information DB 301.
FIG. 4 is a flow chart showing concrete examples of authentication information and the biometric encryption process. S307 and S308 in the figure are the same steps as in FIG. 3.
Various authentication method types are envisaged. For password authentication (Basic, Digest, etc.; authentication information example 1), the authentication information comprises the user ID (UID) and the password. For PKI authentication (example 2), it comprises the user ID (UID), the private key and the public key certificate. For FIDO authentication (example 3), it comprises the user ID (UID) and the private key.
In the verification information attachment step S307, a checksum, hash value or MAC (message authentication code) of the authentication information is computed and attached to it as verification information.
The biometric encryption step S308 is, as described for FIG. 3, the process of encrypting the authentication information with the registration feature data as the encryption key to create the biometric-encrypted authentication information.
FIG. 5 shows the authentication process flow of this embodiment.
In S500, the user terminal 200 receives the user's service use operation, identifies the service identifier (SID) and sends a service use request to the service providing server 400 corresponding to that SID.
In S501, in response to the service use request of S500, the service providing server 400 sends the user terminal 200 a request to identify and authenticate the user ID.
In S502, the user terminal 200 acquires the user's authentication biometric information via the sensor.
In S503, the user terminal 200 obtains authentication feature data from the authentication biometric information.
In S504, the user terminal 200 transforms the authentication feature data into authentication converted feature data and sends it to the 1:N authentication server 300 together with the service identifier (SID). A concrete example of the transformation is described later with reference to FIG. 6. This step makes it possible to conceal the authentication feature data, too, from the 1:N authentication server 300.
S505 is the decryption process performed by the 1:N authentication server 300 on receiving the service identifier (SID) and the authentication feature data. Specifically, it searches the biometric-encrypted authentication information DB 301 for records matching the received service identifier (SID) and, given N such records (N ≥ 1), performs 1:N biometric decryption. Details are described later with reference to FIG. 6. If this process fails, the user terminal 200 is notified of authentication failure; the user terminal 200 may then end the authentication process or return to step S502 and attempt authentication again.
In S506, if the 1:N biometric decryption of S505 succeeds, the 1:N authentication server 300 uses the decrypted authentication information (user ID and authentication secret) to perform a proxy authentication response to the service providing server 400 via the user terminal 200.
In S507, the user terminal 200 forwards the user identification/authentication request received from the service providing server 400 (S501) to the 1:N authentication server 300, receives the proxy authentication response of the 1:N authentication server 300 (S506) and forwards it to the service providing server 400, thereby completing the authentication response. Alternatively, the 1:N authentication server 300 may communicate directly with the service providing server 400, bypassing the user terminal 200, and perform the authentication response of S507 itself.
In S508, the service providing server 400 receives the authentication response of S507 from the user terminal 200 or the 1:N authentication server 300 and performs user authentication.
 S509 is a process in which, when user authentication in S508 succeeds, the service providing server 400 provides the service to the user terminal 200. If user authentication in S508 fails, the process ends without providing the service. S510 is a process in which, when user authentication in S508 succeeds, the user terminal 200 receives the service from the service providing server 400 in S509 and uses it.
 In the following, concrete examples of the feature conversion steps (S306) and (S504), the biometric encryption step (S308), and the 1:N biometric decryption step (S505) are described in supplementary text.
 As an example, assume that the feature data is represented as an n-bit string, and that the user is judged to be the genuine person when the Hamming distance between the registration feature data and the authentication feature data is at most t bits (t < n).
 The registration terminal 100 and the user terminal 200 share and store in advance an n-bit secret random number r.
 In the feature conversion step (S306), the exclusive OR y = x (+) r of the registration feature data x with r is computed ((+) denotes exclusive OR), and this y is used as the registration conversion feature data.
 Similarly, in the feature conversion step (S504) of the authentication flow, the exclusive OR y' = x' (+) r of the authentication feature data x' with r is computed ((+) denotes exclusive OR), and this y' is used as the authentication conversion feature data.
 Here, since y (+) y' = (x (+) r) (+) (x' (+) r) = x (+) x', note that the Hamming distance between y and y' equals the Hamming distance between x and x'.
 In the biometric encryption step (S308), an error-correcting code of code length n and minimum distance 2t+1 is first constructed, and one codeword w is selected from it at random. Next, the auxiliary information c = y (+) w is computed for the registration conversion feature data y. Further, k = hash(w) is computed using an appropriate hash function h(·). This k is treated as an encryption key, and the authentication information is encrypted with an appropriate encryption algorithm (for example, AES) to create the encrypted authentication information. The pair of the auxiliary information c and the encrypted authentication information is then output as the biometric encrypted authentication information.
 FIG. 6 is a flowchart showing the details of the 1:N biometric decryption step S505.
 S601 is a process in which the user terminal 200 searches the biometric encrypted authentication information DB for the records (assumed to be N in number) whose service identifier matches the service identifier (SID) received from the user terminal 200.
 S602 is a process that decrypts the biometric cipher of the biometric encrypted authentication information of each matched record, using the authentication conversion feature data as the decryption key. Specifically, the exclusive OR of the auxiliary information c contained in the biometric encrypted authentication information with the authentication conversion feature data y',
 w' = c (+) y' = (y (+) w) (+) y' = w (+) (y (+) y'),
is computed. When the Hamming distance between y and y' is at most t, that is, when the Hamming distance between x and x' is at most t, y (+) y' has Hamming weight at most t. Note, therefore, that w' is w with an error of at most t bits added. Next, the decoding process of the error-correcting code is applied to w'. Since the minimum distance of the error-correcting code is 2t+1, errors of at most t bits are corrected correctly. Therefore, if the Hamming distance between x and x' is at most t (that is, if biometric information that should be judged as the genuine person's was input), w can be correctly recovered. In other words, when the distance between the authentication encoded feature data and the registration encoded feature data is at most a predetermined value, the correct authentication information is decrypted. Equivalently, the correct authentication information is decrypted when the similarity between the authentication encoded feature data and the registration encoded feature data is at least a predetermined value.
 When decoding succeeds and w'' is obtained, k' = hash(w'') is computed, k' is treated as the decryption key, and the encrypted authentication information contained in the biometric encrypted authentication information is decrypted using the encryption algorithm described above.
 S603 is a process that generates verification information for the decrypted authentication information by the same method as in step (S307) and compares it with the decrypted verification information. If the two pieces of verification information match, the result is "success"; if they do not, it is "failure". If the decoding process of the error-correcting code in step (S602) itself fails (w'' cannot be computed), this is also treated as "failure" in step (S603). Note that if the Hamming distance between x and x' is at most t, then w'' = w and k' = k, so step (S603) yields "success".
 S604 is a process that identifies the user when step (S603) yields "success". In this case, the Hamming distance d (≤ t) between w and w' equals the Hamming distance between x and x'. If there are multiple records for which (S603) yields "success", the record with the smaller d is considered more likely to be the genuine person's. The user is therefore uniquely identified by a method such as taking the record with the smallest d as the genuine person, or taking the first record found whose d is at most some threshold t' smaller than t.
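The feature conversion, biometric encryption and 1:N biometric decryption steps described above (S306/S504, S308 and S601 to S604), carried through in working code. This is an added example, not code from the patent or from Hitachi's implementation. It assumes a 5-fold repetition code as the error-correcting code (so n = 80 and t = 2), SHA-256 as hash(·), a SHA-256 counter-mode keystream as a stand-in for the AES encryption the text mentions, and a truncated SHA-256 digest as the verification information of step S307, which this page does not specify; all function names are my own.

```python
"""Fuzzy-commitment style biometric encryption and 1:N decryption (added example)."""
import hashlib
import hmac
import secrets

# Assumed error-correcting code: each of K message bits is repeated REP times.
# Code length n = REP * K and minimum distance REP = 2t + 1, so t errors are corrected.
REP = 5
K = 16
N = REP * K          # n = 80 feature bits
T = (REP - 1) // 2   # t = 2
TAG_LEN = 8          # length in bytes of the (assumed) verification information


def xor_bits(a, b):
    """Bitwise exclusive OR of two equal-length bit lists, the (+) of the text."""
    return [p ^ q for p, q in zip(a, b)]


def random_bits(n):
    return [secrets.randbits(1) for _ in range(n)]


def encode_repetition(msg):
    """Map K message bits to an n-bit codeword of the repetition code."""
    return [bit for bit in msg for _ in range(REP)]


def decode_repetition(word):
    """Majority-vote decoding. Returns (nearest codeword w'', number of corrected bits d)."""
    corrected = []
    for i in range(0, len(word), REP):
        block = word[i:i + REP]
        corrected.extend([1 if 2 * sum(block) > REP else 0] * REP)
    return corrected, sum(xor_bits(word, corrected))


def bits_to_bytes(bits):
    return int("".join(map(str, bits)), 2).to_bytes((len(bits) + 7) // 8, "big")


def keystream_xor(key, data):
    """Stand-in for the AES step: XOR with a SHA-256 counter-mode keystream (assumption)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out.extend(b ^ s for b, s in zip(data[i:i + 32], block))
    return bytes(out)


def feature_transform(x, r):
    """S306 / S504: y = x (+) r with the shared secret random bits r."""
    return xor_bits(x, r)


def verification_info(auth_info):
    """Assumed S307: a truncated hash of the authentication information."""
    return hashlib.sha256(auth_info).digest()[:TAG_LEN]


def biometric_encrypt(y, auth_info):
    """S308: random codeword w, c = y (+) w, k = hash(w), encrypt auth_info || verification."""
    w = encode_repetition(random_bits(K))
    c = xor_bits(y, w)
    k = hashlib.sha256(bits_to_bytes(w)).digest()
    ct = keystream_xor(k, auth_info + verification_info(auth_info))
    return c, ct


def biometric_decrypt(c, ct, y_prime):
    """S602 / S603: w' = c (+) y', correct to w'', k' = hash(w''), decrypt and verify.

    Returns (auth_info, d) on success, or None when the recomputed verification
    information does not match. The repetition decoder never fails outright, so a
    wrong w'' is detected only by this check.
    """
    w_prime = xor_bits(c, y_prime)
    w_corr, d = decode_repetition(w_prime)
    k_prime = hashlib.sha256(bits_to_bytes(w_corr)).digest()
    plain = keystream_xor(k_prime, ct)
    auth_info, tag = plain[:-TAG_LEN], plain[-TAG_LEN:]
    if not hmac.compare_digest(tag, verification_info(auth_info)):
        return None
    return auth_info, d


def identify_1n(db, sid, y_prime):
    """S601 to S604: try every record with this SID, keep the smallest d among successes."""
    best = None
    for rec_sid, c, ct in db:
        if rec_sid != sid:
            continue
        result = biometric_decrypt(c, ct, y_prime)
        if result is not None and (best is None or result[1] < best[1]):
            best = result
    return best
```

When decoding recovers the right codeword, the returned d equals the Hamming distance between x and x', exactly as the text states for S604. A repetition code corrects more than t errors when they fall in different blocks, so t is only the guaranteed bound; the page's general argument holds for any code of minimum distance 2t+1, and a real deployment would use a code with better rate and a decoder that reports failure.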
 In this embodiment, the user terminal 200 does not need to store any information created from the user's biometric information, nor any information constituting the user's authentication information. Moreover, the 1:N authentication server 300 and the service providing server 400 do not need to store any information identifying the user terminal 200. Therefore, when using various services, the user can do so from any user terminal, without registering or restricting in advance the user terminal to be used. A single terminal can also be shared by an unspecified number of users.
 Furthermore, when the authentication flow of this embodiment is viewed from the side of the service providing server 400, the behavior of the user terminal 200 is indistinguishable from the processing of ordinary password authentication, PKI authentication, or FIDO authentication. The user can therefore use an authentication method based on biometric information alone without modifying the user authentication function of the service providing server 400 or the user authentication information (passwords, public keys, and so on) already registered in the user information DB 401.
 In addition, in the authentication flow of this embodiment, the user does not need to present or input his or her user ID (UID) to the user terminal 200 when using a service. This is because the process of determining the user ID is executed in the 1:N authentication server 300 based on biometric information alone, and the presentation of the user ID to the service providing server 400 is also performed by proxy. Moreover, since the registration and authentication flows are executed on the basis of the encryption, by biometric encryption, of the authentication information (including the user ID and the authentication secret information) together with its verification information, and of the 1:N biometric decryption process, there is no need to directly store the registration biometric information, the registration biometric feature data, or the authentication information, and this information is strongly protected. This minimizes the risk of leakage of biometric information and authentication information and realizes safe and secure authentication.
100: registration terminal; 101: service designation function; 102: user ID input function; 103: authentication secret information input (creation) function; 104: certificate creation function; 105: sensor; 106: feature extraction function; 107: feature conversion function; 108: verification information creation function; 109: biometric encryption function; 110: registration function; 200: user terminal; 201: service use function; 202: sensor; 203: feature extraction function; 204: feature conversion function; 205: authentication response function; 300: 1:N authentication server; 301: biometric encrypted authentication information DB; 302: 1:N biometric decryption function; 303: proxy authentication response function; 400: service providing server; 401: user information DB; 402: user authentication function; 403: service providing function; 500: network; 700: CPU; 701: memory; 702: storage; 703: input device; 704: output device; 705: communication device

Claims (10)

  1.  An authentication system comprising a user terminal and an authentication server connected to the user terminal via a network, wherein
     the user terminal comprises: a sensor that acquires biometric information of a user;
     a feature extraction unit that extracts authentication feature data from the acquired biometric information;
     a feature data encoding unit that encodes the authentication feature data to create authentication encoded feature data; and
     a transmission unit that transmits identification request information including the authentication encoded feature data to the outside, and
     the authentication server comprises: a DB that stores biometric encrypted authentication information;
     a search unit that searches the biometric encrypted authentication information contained in the DB based on the identification request information;
     a decryption processing unit that decrypts the retrieved biometric encrypted authentication information using the authentication encoded feature data as a decryption key and uniquely identifies the user based on the authentication information obtained by the decryption; and
     an authentication response processing unit that performs authentication response processing on behalf of the user terminal, for the identified user, based on the authentication information obtained by the decryption, the system being a biometric authentication system.
  2.  The biometric authentication system according to claim 1, wherein
     the biometric encrypted authentication information is information obtained by encrypting the user's authentication information using, as an encryption key, registration encoded feature data obtained by encoding registration feature data extracted from the user's biometric information at the time of registration, and
     the decryption processing unit decrypts the correct authentication information when the similarity between the authentication encoded feature data and the registration encoded feature data exceeds a predetermined value.
  3.  The biometric authentication system according to claim 2, wherein,
     when the user authentication method is password authentication, the authentication information includes information on a password used when the user uses a service.
  4.  The biometric authentication system according to claim 2, wherein,
     when the user authentication method is public key cryptography, the authentication information includes information on a private key used when the user uses a service.
  5.  The biometric authentication system according to any one of claims 2 to 4, wherein
     the authentication information includes a user ID used when the user uses a service.
  6.  The biometric authentication system according to claim 2, wherein
     the authentication information includes verification information for verifying the correctness of the authentication information, and
     the decryption processing unit determines, based on the verification information, whether the decrypted authentication information is correct.
  7.  The biometric authentication system according to claim 6, wherein
     the decryption processing unit performs error correction processing, and processing that determines the biometric encrypted authentication information for which the amount of error information corrected by the error correction processing is smallest to be that of the correct user and associates it with the user.
  8.  The biometric authentication system according to claim 6, wherein
     the decryption processing unit performs error correction processing, and processing that determines biometric encrypted authentication information for which the amount of error information corrected by the error correction processing is below a predetermined value to be that of the correct user and associates it with the user.
  9.  The biometric authentication system according to claim 7 or 8, wherein
     the DB stores the biometric encrypted authentication information in association with a service type,
     the identification request information includes an identifier identifying the service type, and
     the search unit searches, based on the identifier, for the biometric encrypted authentication information associated with the service type.
  10.  An authentication server connected via a network to a user terminal comprising a sensor that acquires biometric information of a user, a feature extraction unit that extracts authentication feature data from the acquired biometric information, a feature data encoding unit that encodes the authentication feature data to create authentication encoded feature data, and a transmission unit that transmits identification request information including the authentication encoded feature data to the outside, the authentication server comprising:
     a DB that stores biometric encrypted authentication information;
     a search unit that searches the biometric encrypted authentication information contained in the DB based on the identification request information;
     a decryption processing unit that decrypts the retrieved biometric encrypted authentication information using the authentication encoded feature data as a decryption key and uniquely identifies the user based on the authentication information obtained by the decryption; and
     an authentication response processing unit that performs authentication response processing on behalf of the user terminal, for the identified user, based on the authentication information obtained by the decryption.
PCT/JP2017/011174 2016-03-22 2017-03-21 1:n biometric authentication, encryption, signature system WO2017164159A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP17770201.6A EP3435591B1 (en) 2016-03-22 2017-03-21 1:n biometric authentication, encryption, signature system
US15/752,623 US10680808B2 (en) 2016-03-22 2017-03-21 1:N biometric authentication, encryption, signature system
CN201780002824.4A CN107925581B (en) 2016-03-22 2017-03-21 Biometric authentication system and authentication server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2016056420A JP6507115B2 (en) 2016-03-22 2016-03-22 1: N biometric authentication · encryption · signature system
JP2016-056420 2016-03-22

Publications (1)

Publication Number Publication Date
WO2017164159A1 true WO2017164159A1 (en) 2017-09-28

Family

ID=59899423

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/011174 WO2017164159A1 (en) 2016-03-22 2017-03-21 1:n biometric authentication, encryption, signature system

Country Status (5)

Country Link
US (1) US10680808B2 (en)
EP (1) EP3435591B1 (en)
JP (1) JP6507115B2 (en)
CN (1) CN107925581B (en)
WO (1) WO2017164159A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020154750A (en) * 2019-03-20 2020-09-24 株式会社日立製作所 Authentication information management server device, authentication information management system, and authentication information management method

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11032273B2 (en) * 2017-04-29 2021-06-08 Crypto Lab Inc. Method for authenticating secret information which protects secret information
JP7013193B2 (en) 2017-10-10 2022-01-31 キヤノン株式会社 System, system control method, voice control device, voice control device control method, and program
JP7030476B2 (en) * 2017-11-06 2022-03-07 キヤノン株式会社 Image processor, image processor control method, program, system, and system control method
JP7046575B2 (en) * 2017-11-28 2022-04-04 キヤノン株式会社 The system, and the method in the system
KR101912607B1 (en) 2018-01-08 2018-10-29 정형찬 Employment contract printing apparatus using biometric data and operating method thereof
WO2019191083A1 (en) * 2018-03-26 2019-10-03 Colorado State University Research Foundation Apparatuses, systems and methods for generating and tracking molecular digital signatures to ensure authenticity and integrity of synthetic dna molecules
US20200043000A1 (en) * 2018-08-03 2020-02-06 Panasonic Intellectual Property Corporation Of America Data distribution method, authentication server, and data structure
JP7147850B2 (en) * 2018-08-07 2022-10-05 日本電気株式会社 Terminal device, processing device, processing system, terminal device control method, processing method and program
US11354422B2 (en) * 2018-11-02 2022-06-07 Rank One Computing Corporation Optimizations for privacy-preserving distance metric computation
FR3089653B1 (en) * 2018-12-07 2022-12-16 Orange User authentication technique
US10530577B1 (en) * 2019-02-08 2020-01-07 Talenting, Inc. Systems and methods for biometric key generation in data access control, data verification, and path selection in block chain-linked workforce data management
US11451538B2 (en) * 2019-04-05 2022-09-20 University Of South Florida Methods and systems of authenticating of personal communications
US11468158B2 (en) * 2019-04-10 2022-10-11 At&T Intellectual Property I, L.P. Authentication for functions as a service
KR20210039735A (en) * 2019-10-02 2021-04-12 삼성에스디에스 주식회사 Method and apparatus for user authentication
US20230164142A1 (en) * 2020-04-10 2023-05-25 Nec Corporation Authentication server, authentication system, control method of authentication server, and storage medium
US11546164B2 (en) * 2020-10-23 2023-01-03 Visa International Service Association Verification of biometric templates for privacy preserving authentication
EP4296996A1 (en) * 2021-03-22 2023-12-27 Nippon Telegraph And Telephone Corporation Secure search method, secure search system, secure search device, encryption device, searcher terminal, and program
WO2022201235A1 (en) * 2021-03-22 2022-09-29 日本電信電話株式会社 Secret search method, secret search system, secret search device, encryption device, searcher terminal, and program
WO2024030559A1 (en) * 2022-08-03 2024-02-08 Dapple Security, Inc. Systems and methods for biometrics-based secure data encryption and data signature

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038315A (en) * 1997-03-17 2000-03-14 The Regents Of The University Of California Method and system for normalizing biometric variations to authenticate users from a public database and that ensures individual biometric data privacy
JP2001197055A (en) * 2000-01-07 2001-07-19 Nippon Steel Corp Device, method, and service system for proxy authentication and computer-readable recording medium
JP2002532997A (en) * 1998-12-14 2002-10-02 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ A biometric identification mechanism that can maintain the integrity of biometric information
JP2006113710A (en) * 2004-10-13 2006-04-27 Fuji Xerox Co Ltd Information processing system, information processor, information processing method, and computer program
JP2011253329A (en) * 2010-06-02 2011-12-15 Hitachi Ltd Authentication method using ic card
JP2011253378A (en) * 2010-06-02 2011-12-15 Waseda Univ Authentication device and authentication method

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1237091A4 (en) * 1999-12-10 2006-08-23 Fujitsu Ltd Personal authentication system and portable electronic device having personal authentication function using body information
US20060250213A1 (en) * 2000-07-28 2006-11-09 Cain George R Jr Biometric data controlled configuration
JP4552294B2 (en) * 2000-08-31 2010-09-29 ソニー株式会社 Content distribution system, content distribution method, information processing apparatus, and program providing medium
EP2261830B1 (en) * 2008-03-31 2018-05-16 Fujitsu Limited Authentication method, authentication device, program, and recording medium
JP2010039890A (en) * 2008-08-07 2010-02-18 Hitachi Ltd Authentication terminal, authentication server, authentication system, authentication method and authentication program
JP5270514B2 (en) * 2009-10-23 2013-08-21 株式会社日立製作所 Biometric authentication method and computer system
EP2323308B1 (en) * 2009-11-12 2016-03-23 Morpho Cards GmbH A method of assigning a secret to a security token, a method of operating a security token, storage medium and security token
CN101976321B (en) * 2010-09-21 2013-04-10 北京工业大学 Generated encrypting method based on face feature key
EP2634955B1 (en) * 2010-10-29 2020-01-15 Hitachi, Ltd. Information authentication method and information authentication system
JP5496410B2 (en) * 2011-02-22 2014-05-21 三菱電機株式会社 Similarity calculation system, similarity calculation device, computer program, and similarity calculation method
US9021565B2 (en) * 2011-10-13 2015-04-28 At&T Intellectual Property I, L.P. Authentication techniques utilizing a computing device
US8966277B2 (en) * 2013-03-15 2015-02-24 Mitsubishi Electric Research Laboratories, Inc. Method for authenticating an encryption of biometric data
JP2016131335A (en) * 2015-01-14 2016-07-21 富士通株式会社 Information processing method, information processing program and information processing device
US9686272B2 (en) * 2015-02-24 2017-06-20 Go Daddy Operating Company, LLC Multi factor user authentication on multiple devices
US10242362B2 (en) * 2015-10-23 2019-03-26 Bank of the Ozarks Systems and methods for issuance of provisional financial accounts to mobile devices
US10237270B2 (en) * 2016-09-29 2019-03-19 International Business Machines Corporation Distributed storage of authentication data

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2020154750A (en) * 2019-03-20 2020-09-24 株式会社日立製作所 Authentication information management server device, authentication information management system, and authentication information management method
WO2020189308A1 (en) * 2019-03-20 2020-09-24 株式会社日立製作所 Authentication information management server device, authentication information management system, and authentication information management method
JP7099975B2 (en) 2019-03-20 2022-07-12 株式会社日立製作所 Authentication information management server device, authentication information management system and authentication information management method

Also Published As

Publication number Publication date
US20180241558A1 (en) 2018-08-23
JP2017175244A (en) 2017-09-28
EP3435591B1 (en) 2021-03-03
JP6507115B2 (en) 2019-04-24
US10680808B2 (en) 2020-06-09
CN107925581A (en) 2018-04-17
CN107925581B (en) 2021-01-08
EP3435591A1 (en) 2019-01-30
EP3435591A4 (en) 2019-10-23

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 15752623

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17770201

Country of ref document: EP

Kind code of ref document: A1